slawek/terraform-azurerm-storage-account
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add example usage and data recovery sections to README for Azure Storage Account module

Browse Source
This commit is contained in:
Sławek Koszewski
2026-03-01 10:57:51 +01:00
parent 0c86d10d4d
commit c33099fd97
1 changed files with 72 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

72
README.md
View File

@@ -30,6 +30,78 @@ This module creates an Azure Storage Account with the specified name, resource g
Point-in-time restore requires `enable_blob_soft_delete = true`, `enable_blob_versioning = true`, and `enable_blob_change_feed = true`. Point-in-time restore requires `enable_blob_soft_delete = true`, `enable_blob_versioning = true`, and `enable_blob_change_feed = true`.
## Example Usage
Use this module to create a storage account with containers and enable Blob data protection features for short-term rollback and recovery.
```hcl
module "state_storage" {
source = "./modules/storage-account"
rg_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
base_name = "sttfstate"
enable_blob_soft_delete = true
blob_soft_delete_retention_days = 30
enable_container_soft_delete = true
container_soft_delete_retention_days = 30
enable_blob_versioning = true
enable_blob_change_feed = true
enable_point_in_time_restore_for_containers = true
point_in_time_restore_days = 14
containers = {
tfstate = {
name = "tfstate"
container_access_type = "private"
}
}
}
```
This example provides quick rollback using storage-account level protection (`soft delete`, `versioning`, `change feed`, and `point-in-time restore`).
## Data Recovery
### Operational recovery (Azure Blobs)
For Azure Blobs, this module enables the storage-account level protection features used for operational recovery: blob soft delete, container soft delete, blob versioning, change feed, and point-in-time restore. This is intended for short-term rollback and fast recovery after accidental delete, overwrite, or data corruption events.
In this module, Azure Blobs operational recovery is configured through the Blob Data Protection inputs (`enable_blob_soft_delete`, `enable_blob_versioning`, `enable_blob_change_feed`, and `enable_point_in_time_restore_for_containers`) in the main storage-account example above.
### Azure Backup recovery (vaulted)
To add the vaulted recovery option, the `backup-vault` module is required.
After creating the vault, configure Azure Backup (policy and backup instance) to protect the storage account for vaulted retention and restore workflows.
```hcl
module "state_storage" {
source = "./modules/storage-account"
rg_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
base_name = "sttfstate"
}
module "backup_vault" {
source = "./modules/backup-vault"
rg_name = azurerm_resource_group.rg.name
location = azurerm_resource_group.rg.location
base_name = "bkvault"
datastore_type = "VaultStore"
redundancy = "GeoRedundant"
cross_region_restore_enabled = true
retention_duration_in_days = 30
soft_delete = "On"
immutability = "Disabled"
}
```
## Outputs ## Outputs
- `storage_account_id`: The ID of the created storage account. - `storage_account_id`: The ID of the created storage account.